Legalities Over the Cloud and Who Owns your Data

When trying to figure out who has rights to your data there are three things to consider: you, the cloud provider, and the region your data is held in. A lot of the issues become issues because of the varying laws; where your data is held might be in different country than the country you uploaded porno from. So, even after you figure out what your agreement is with a Cloud provider they can be subject to the particular laws of another country; fore instance America has a set of laws known as the Patriot Act which grants the US government access under certain conditions. So even after you figure out who owns the data, and what that means, you might not have control over who is accessing the data.

When you decide on a Cloud provider there are a number of things that you want to look at. One of them being the terms of service that will, most likely, define how a provider views your data, and what they can do with it. The terms of service will be restricted by your regions governing principles. Fore-instance in England they have the ‘Copyright and Rights in Databases Regulations 1997’ to help clear up some of the vagaries of this new technological development. The law defines two types of data one that is protected by copyright law, and ones that aren’t but are still regulated in their way. The existence of the law is a step in the right direction towards clarifying ownership of the information that is being stored in the Cloud.

Although to confuse this issue even further is the fact that some of your information may be stored in your own database but you are using a Cloud service to handle it from time to time. Or your Cloud provider is servicing out to another Cloud provider; so they may host your information in a storage unit that isn’t their own. Each of these situations has unique problems and each part of this chain of concerns depends on user agreements and the particular governing bodies. So there is no single solution to answer the question of who owns your data, and as this issue becomes generally understood hopefully we will see some best practices winning out. Although I wouldn’t necessarily say there is no way to find out. There are some things that can be done to better understand what is happening. Unfortunately one of those things is reading over all your relevant user agreements, and as one source claims it would take roughly 250 working hours to read all the user/privacy agreements most of us come across in one year. So you have to balance your need to know with your time, but be warned the details are important.

Understanding governing rules of where your data is being held or processed is not insignificant either. Each region is going to have its own governing rules about what happens when data is processed and the processing of the data may influence who owns the data now that it has been changed. So each step and movement of your data becomes an important issue to consider when deciding on a Cloud provider.

Who owns your data, then? It depends on the governing laws and user agreement made between you and the Cloud provider. It also depends upon the governing laws of where your data is being held, in addition to the agreements that your cloud provider may be making with their cloud provider. The Cloud has so much under the umbrella of Cloud porno gratis services, that often one type of Cloud provider will outsource to another type of Cloud provider.

Hackers and the Cloud

There are a variety of reasons someone might be hacking your information, with any Cloud service there is going to be a wealth of data. Remember, whatever your reason for choosing one Cloud provider over another, other people are likely making similar choices for similar reasons. In addition, with more and more people moving their data to the Cloud, the increase in payoff for the hacker attracts more sophisticated hackers. Hackers will use a number of entry points to get into the Cloud provider. A lot of the vulnerabilities are in the interface between you and the Cloud provider. A Cloud service should be using the most sophisticated techniques to secure your data on their end. But remember that an API gives access to the server, in limited formats, to any one using the UI or API.

An API, or Application Programming Interface, is is similar to a UI, or User Interface. Though often used similarly, the two can offer varying services depending on who is using the term. An interface is the way a user interacts with some program or programs; an API provides access to the service. It is a program that you can operate from a remote location. This interface provides a key security loophole that can be exploited because the Cloud provider is giving access to the user. It can seem an obvious problem, and in some respects it is, in addition some API’s give access to the Cloud customer’s customer. Some companies or individuals are using Cloud services to offer back up and security to their prospective clients.

There is no one-step way to prevent hackers, a lot depends on the systems you are using. For every system there are going to periodic vulnerabilities, but staying up to date with the latest patches for your software is important. Researching known vulnerabilities is also important. There are various companies which you can hire to keep you abreast of vulnerabilities and problems that occur.

A lot of Hackers are increasing their efforts towards spear phishing, spear phishing is a way to find out passwords or answers to security question through indirect means. After discovering who has access, a hacker will look through public information about that customer, and even a username that might be given away by the employee. The most basic thing you can do to thwart hackers is to educate your employees on the various threats to security. What could seem like an innocuous question, or email attachment, can very well be the opening to an attack. The basics are simple, verify everything. If you aren’t sure of the website, or an email attachment, then do a little research into it. Perhaps you are getting a call from someone saying they are a provider; find out for sure by calling them back.

Hackers have a variety of reasons to get your information, sometimes to sell it to other hackers who can use your usernames and passwords to log into other sites. Suffice to say, this information is becoming more and more of a commodity it our markets. And as long as there are people who want that information, a burgeoning blackmarket for information will develop.

The difficulty is that this is all going on behind the scenes. You may have been hacked and not even know it, yet identifying what information was compromised, and the weak point in your system that allowed for the breach, is a crucial part of keeping a competitive edge in the world today. A lot of the prevention can seem vague or unnecessary to keep your data safe, but it is vital to understand security and your Cloud provider.

Cloud Security Concerns for Any Customer to Consider

For a Cloud customer there are primarily three questions you have to ask yourself:
– what cloud service I want;
– what security vulnerabilities does that cloud service have;
– and what can I do once I have chosen videos porno to limit those vulnerabilities.

A lot of vulnerabilities arise from a lack of knowledge. The Cloud service provider will connect their available network to you by way of a UI or API interface. So being informed will help you as a customer know how best to control your operation, and prevent loss or release of data.

A number of concerns arise when trying to secure your operations. Amongst the concerns one has to consider is what are you sharing on the Cloud service, how secure is the connection to the Cloud provider, and who has access to your operations and information. These questions can form the basis of an investigation into preventing future data failures from happening.

The most basic things you can do to prevent your information from being hacked is to use encrypted data; anything that goes over a network should be encrypted. Encryption is the lock on your information. Another important strategy is to use passwords, especially for any administrative duties, and change those passwords periodically. The problem is that in house employees will not want to memorize changing passwords, and passwords shouldn’t be in the cloud system itself. So a difficult balancing act becomes necessary and in order to juggle between protecting access to your Cloud data, and ease of use.

Another thing you can do to secure your system is to back everything up. In case of malicious or accidental removal, you will have that data stored elsewhere, and you most likely want to encrypt those backups for protection. Hackers can have a variety of reasons for attacking your Cloud provider or personal system, and some of those reasons involve removing your data from the web. So it is vital to create back-ups of important data.

Make use of the security updates your Cloud provider releases immediately; these security patches repair known flaws. If your provider has provided a patch, this means anyone who knows of the patch knows of the flaw in the system, and most likely some people knew of this flaw before you did. The key to good security is to be one-step ahead of everyone else, people trying to access your information are most likely going to go after the lowest hanging fruit.

According to the CSA, another important security concern to consider is the threat of malicious insiders. A malicious insider is someone who now has, or once had access, and now wishes to use that access in a way you don’t want. A malicious insider could be an ex-employee. One way to remedy circumstances is to have a fast turn over rate for security access when new employees are hired and old employees leave. You want to change access over from old employees to new ones immediately. Other measures you can take is to routinely track access to sensitive information. While I deplore over reaching efforts to snoop on employs, there is a balance that can be achieved by tracking access to particularly sensitive information and encryption keys or passwords.

The use of a Cloud service is fraught with new and old perils. While it is in many respects more secure handling your porno information yourself, its attractiveness as a target for an attack makes it vulnerable. So taking steps to ensure that you are able to limit security loopholes and working with your cloud provider is a good way to help ensure the security of sensitive information and data.

The Cloud Operators and Their Security Concerns

As a data operator of a Cloud service you will have many security concerns. Any new technology comes with a host of new threats to your business model, in particular the business of maintaining privacy in the digital world has become difficult. According to the CSA publication The treacherous 12, there are over 12 security threats to consider. Their article focuses on the 12 most pressing issues they have chosen, of which several of them are of particular concern. According to wikipedia the CSA puts Insecure interfaces and API’s at almost a third of the ‘cloud security outages’, and data loss and leakage make up to a quarter, with hardware failure being the third most troublesome issue.

Without going into great technical detail there are a variety of ways that an insecure API can result in loss or release of sensitive data. To simplify the situation it is about access, a multitude of individuals who now have controlled access. Every door though provides a weakness that walls do not have. Your API is a door into the server room, and a host of people all have their own doors. While most people only have access to their own portion of the server, the server can have bugs not known that give access to other parts of the room. Not to mention the fact that often a Cloud customer may give access to third parties to use the data on the Cloud.

Data loss can occur in a number of significant ways outside of malicious intentions. It is important to maintain backups in case of disaster. Any kind of disaster that destroys the actual hardware of the Cloud service is a possibility to keep in mind; though a client encrypting their information and forgetting the encryption code is a far more likely concern. It does not rest solely on the Cloud provider to prevent loss of information. While malicious intent does compromise most of the loss of data that could have been prevented, it is much more difficult to maintain good practices of protection against an intelligent intruder, over lets say the Customer forgetting their encryption key.

The Mitigation of data leakages involves many types of habits that a good Cloud provider must follow. There are a few types of applications that the Cloud provider can set up to mitigate data leaks from shared networks. It is important to keep in mind that the hardware a client is using could be used by a number of other customers. And this creates security vulnerabilities in the system itself that, even without malicious intent, can lead to outsiders having access to the clients data. Any program is going to have bugs, bugs are essentially problems in the code that wasn’t vetted for. This is going to happen with any program. The amount of code it takes to write a sophisticated program means that there are vulnerabilities that haven’t been thought through, or even discovered yet.

Vulnerabilities lie in loose links, and with so many links in the encryption process it becomes difficult to cover all your bases. It isn’t impossible, the important thing is to stay ahead of the curve. You want to be more secure than your neighbour to prevent vulnerabilities. But the facts are that the code itself is often hundreds of lines long, and to know every vulnerability in a chain that large becomes difficult, luckily finding cracks in the chain is also difficult for the hacker. But above and beyond the programming errors, which can be solved with frequent patches, is the human vulnerabilities and hardware failure.

Porting your Data as a Cloud Customer

Without any single dominant Cloud provider porting your data from one service to another is a grueling task. Depending on the service you are using; Iaas, Paas, or Saas all come with their own interoperability problems. Even something as simple as a Saas Cloud customer may want to move their data held in the cloud to an in-house server as your operations grow and become more streamlined. The problem is that your Cloud provider may not have the right tools for a convenient transition. For instance if you wanted to move all your emails to another client. Imagine forwarding each email individually, this is meant as an illustrative example only. Your platform may or may not have solutions to porting over into an new system.

For the consumer porting your services from one provider to another would be a significant boon. Before the consumer decides on a Cloud provider to host their operations they have to ask themselves what type of operations are they outsourcing. The nuances will vary according to type of Cloud service being utilized, and the needs their particular products have. For instance if you are utilizing an Saas Cloud system then the data stored on say iMessage wouldn’t transfer directly to Google Chat; or perhaps you are using a Paas system for your cloud services and coding in a particular platform. You might find that you would be able to minimize costs by switching Cloud Services but you might have to recode elements of your services or perhaps switch languages. The issues aren’t unsolvable these days, in fact we have even begun to write programs that debug programs, but that solution is in its infancy and would increase costs for the Cloud consumer.

The problems are a mixture of technical know how, and a business will. Interoperability in a general sense is the ability of an infrastructure to be able to connect and communicate with another structure without implementation or restriction of access. It is the ability for a service to be formatted so as to allow cross-platform communication. And each Cloud Service is going to want to showcase a unique product to their customer base. Essentially they will want to carve out a niche at the least, if not become the primary provider, and to do that they need to have a unique and powerful offering.

Some of the issues facing interoperability and ease of porting a customers data include: rebuilding applications, the actual transfer of data, and making sure the services the consumer needs exist on the new platform. From the customers perspective being able to have full service compliance would be important. You wouldn’t want as a customer to be going over to a new system and having your old files need to be reengineered just get the same tasks done. Or perhaps relearning a different set tools just to be able to do what you had been able to do originally. The actual porting of your data is another large hurdle that needs to be passed. Because in some instances the customer can’t reasonable port large quaintness of data by email, so the compliance of having the right videos porno in your first service provider and the right hook-up for your new provider needs to be run smoothly, let alone how the data is formatted. One reason sending the data by the internet is troublesome is there are security concerns that need to be considered when porting data over any public connection, even one that would encrypted.

So interoperability is an important step in being able to port your data as a Cloud service customer, and being a viable strengthening company in the current climate one often needs to move your services from one cloud to another, or to an in-house server.

Interoperability and Cloud Services

Interoperability in a general sense is the ability of an infrastructure to be able to connect and communicate with another structure without something translating, or restricting access. It is designed for a service to be formatted to allow cross-platform communication, in simpler terms. Word and Pages were not always interoperable, but rich text formatting was interoperable between the two. The ability for data to be moved from one format to another without a middle man is a key element. The other element for many service providers is access, if their product would be the dominant culture. The dominant cultural product would want to restrict certain information to maximize their products capabilities. So for something to be interoperable the data must be easily moved, and all of the data must be available; which is difficult for businesses to manage.

Each Cloud Service is going to want to showcase a unique product to their customer base. Essentially they will want to carve out a niche, if not become the primary provider; to do that they need to have a unique and powerful offering.

For a Cloud provider to be able to distinguish their service from others is paramount to be able to thrive in this new culture. With most new industries there is a relatively massive push and pull between different standards. Like the classic examples of Apple and Microsoft or even VHS and Betamax; this polar competition is a rough approximation to the standardization issues in interoperability of Cloud Services. In he Cloud world there is a much larger variety of services, even types of services, but the nitty-gritty of the issues is a need for a company to distinguish themselves amongst their competitors.

The vendor of a particular Cloud service may feel that they have a nifty offering, and they wouldn’t want to create an inferior product to meet an industry standard. Now if there ever is an industry standard, each company will have to decide if portability of offerings is necessary for them to compete with other services. They will be deciding between the particulars of their offering and the offerings needed to port from their competitors. But being able to move from a competitor also means the ability for their customers to move to one of their competitors. Not surprising the ability for your data, software, or platform to communicate and integrate with other services is the main difficulty with moving it. Portability is the ability to port or move your data from one system to another, not surprising the main issue with portability is interoperability. I am using data in a very general sense, it can mean literally the information stored on an Saas system, or the programs that are stored in a Paas system, for instance. The interoperability of your data wedges into this issue of porting information from one system to another. There are strides being made into interoperability, a growing desire from parts of the industry to have a standard to ease interoperability.

As a vendor of a Cloud service you have to consider whether you are utilizing the best practices as well as what is good for your company. Your company may be able to beat out competitors by having the best services provided and then the adoption of a standard set of services necessary for interoperability might cut down on the services offered. A company could end up giving a competitive edge over in search of complying to an industry standard. So, the need to be interoperable is not a task to consider lightly. There are many standardizations that would be good for a consumer but not necessarily for a vendor.

Popular cloud computing services: SaaS (Software as a Service)

One of the reasons the ‘Cloud’ has become such a ubiquitous term is the Saas model. Some people are beginning to think Saas should not be thought of as a part of the Cloud packages at all, because it provides in some respects a different type of service than Paas or Iaas.

Saas or Software as a service is the most basic service, essentially it is a cloud offering that individuals or companies can use to standardize routine tasks or services.  An email client might use this type of cloud packaging because the basics of an email client needs to work across platforms.  Essentially Saas is a data storage, offering specific software that uploads and downloads from the general server.  The whole process is streamlined by the Cloud provider.  The Cloud provider is doing all the developing for the software; while in Paas the platform can do some of the work– Saas takes this beyond the scope of what Paas provides.  Saas is really just the data storage aspect of the Cloud offering where the data is limited in scope to the type of software the Saas is providing.

The Saas model, in fact most Cloud based services, rely upon the use of some software interface for the client that uploads and downloads from the Cloud.  The Cloud operator utilizes intelligent software to handle data from the clients.  Examples include GoogleDrive, iCloud, or an application store; all these services remotely hold data and software in the cloud that the client is able to upload and download from.  It takes little know-how to operate many of Saas Cloud operations the Cloud is able to manage and essentially streamlines aspects of business operations.

Interoperability and security are still issues with the Saas model.  A problem with Saas is the use of software precludes or interferes with control over your data.  The software operator remains in control of formatting the software.  The data a customer puts onto the Cloud is read by their own network through a pre-designed software client, so porting or moving customers’ data is a cumbersome process.  As portability is a problem for all Cloud services the service of your particular Cloud host is an extremely important decision.

What a Saas customer must keep in mind is that they are limited by the software they are using.  If, for-instance, one wanted to port data or use their information in any particular way, they would need to design their own system for accessing the information for personal use.  Porting data from an Saas Cloud provider is a significant concern for the customer.  On the other hand, the software service is already pre-packaged into the product so the customer does not have to worry about setting up a system.  And usually a customer using Saas will be looking to outsource significant amounts of IT needs to the Cloud provider.
As Cloud customers come from all walks of life, the client base for a provider is not limited to a company.

But many individuals use a Saas in their day to day operations. Saas is such a ubiquitous model that many people are using it without knowing it has a particular designation.  Whether  Saas should be considered in step with the other services is up in the air, but the basics of a Cloud service are there.  The Cloud host usually maintains a large server or servers to hold the data that is being sent through its operation, and the client accesses that data as way of interfacing with data, often in the form of communications.  The Cloud is a nascent industry with new issues cropping up routinely.



Popular cloud computing services: the PaaS (Platform as a Service)

One model for many developing companies, particularly those who are developing new software is Paas.  Paas or Platform as a Service is somewhere in between Iaas and Saas services because while it is not as restrictive as Saas it also is not as flexible as Iaas.  Paas lets the customer scale their operations according to their growth, and helps with development by having a consistent platform for a group of developers.

One use for Paas is for developing programs from multiple remote locations, because its services streamline the programing side.  By standardizing the available products or tricks in the bag, multiple people can remotely add to the programs being designed by the engineers without stepping on each others toes.  It is often used by companies that offer specialized services to other companies.  A company offering these services will often rent a cloud platform that gives them tools to then design programs for other companies to use.  The service is the platform like a Windows or Mac platform, except not as simple and customized by the Cloud providers themselves.

Paas is a convenient tool for developers and others who wish to coordinate their projects onto interpretable software.  A developer of some sort often needs to be working in the same language as their coworkers, to be able to integrate their particular designs with each other.  And for many companies that have developers working remotely this helps keep their work on the same level.  Paas works for other types of structures as well, a company that provides a software service to other companies may use Paas system to supplement their own servers.  The cloud is often used as a way for start-ups to avoid many of the costs associated with owning a server.  Paas is often a ‘pay as you go’ platform, meaning you can pay as your need arises.  If you need to rent more space you can pay according to your needs.  This helps young start-ups get costs associated with initial investments down.  Though by no means is a Paas provider limited to a start-up as their customer base.  A more developed company might want to use a Paas system to streamline operations.

Though the customer base for Paas is generally designers who offer applications for consumption, the advantage to using a platform specific Cloud service is that the customer can write all the code, and not be tied down to creating up the entire infrastructure of Iaas.  Saas services just wouldn’t work for developers.  The platform provided by the cloud services frees the developers up to work on more necessary tasks.

Paas customers can be varied, not limited to software developers alone.  A Paas provider might simplify their videos porno platform to provide more basic services that allow a company to have many built-in features.  While Saas and Iaas have elements of this, Paas is more variable in what it offers from provider to provider.  The Paas system is not as simple as a Saas system or an Iaas system.  The Iaas systems tend to be more hardware oriented, where the platform and software are already developed; in this way it is generally utilized by companies that already have a product to push out.  The Paas while solely for developing companies enables a developer to utilize the Cloud offering at all ends of their development process.

Paas in this way really enables new ideas and new developments in the tech world. Essentially keeping an application or web developer set from the beginning to the end. Though as the company grows they may want to consider hosting their own servers or depending on their needs renting out an Iaas host down the road.  But having the availability of the Paas enables young companies to begin and sell their products by saving them from hardware and various software development tools needed to really make excellent products.

Popular cloud computing services: the IaaS (Infrastructure as a Service)

A popular type of Cloud service these days is Iaas. It is a means of keeping costs down in the flexible area of hardware needs.  Iaas or Infrastructure as a Service is designed around providing a user with the available hardware to host whatever project needs hosting.

The best way to think about this is you are paying for the use of a network like you would a tax on infrastructure.  One day you may have to use the subway, another day the roads, and then some days you have five trucks and a subway car on the infrastructure.  Infrastructure as a service gives you real or virtual hardware that you can upload your information to.  Your programs or the users of your webpage go through the infrastructure of the Cloud host.  The host gives you the availability of storage and memory that scales according to your needs, but you have to build the project from the ground up to make use of the available infrastructure.

Getting down to basics allows the customer or the company renting out the Cloud service to scale their operations according to their needs.  For some the question may be why go through the extra effort to provide your own platform.  The scale of your operation when you rent out virtual room in the Iaas system is more flexible this way.  While Paas offers more software services to the customer, the open nature of Iaas gives a more established flexibility to create their own services with the hardware rented out.  The provider has the hardware, whatever particular hardware services they are offering, and the customer rents it out to keep costs down.  Any large database needs to be kept in a cool dry environment, and this amongst other things drives costs up especially for a project with variable memory needs.

Many services are virtual server space, network connections, bandwidth, IP addresses and load balancers.  Like Saas and Paas, Iaas is accessed by a client through the internet.  The Cloud in general is essentially an Application or a Web page that accesses the server through the internet and creates available storage for the user. The provider is able to keep their own costs down by letting the customer base make decisions on what type of platform or software to install on their hardware.  In turn, everything works seamlessly together. The hardware of an Iaas provider is often stored in many different facilities, allowing them to provide a product of scale.  Basically they can rent out their hardware to other users and by having a large facility or facilities they are able to keep costs down that are passed on to the customer.

The customer does not have to rent out their own facility this way.  By not having to maintain their own facility they are able to scale their operation according to peak and low traffic times.  For instance a weight loss website might want to rent out from an Iaas or Paas provider to keep costs down during  lulls in business.  But after New Years they might acquire a lot of customers that providing for would be a huge expense the rest of year.

Between Iaas and Paas providers the user has to decide what type of operation needs they have.  For a developer Paas might be the way to go, but for a more established company, or a company that has a product in line for their users a Iaas provider will be able to give them the hardware they might need at a scalable rate meeting their needs as it is needed.  Time, money, efficiency and ease of use are important factors in any business and tuning into the correct providers is the way to go.

VM snapshots for efficient Forensic Investigation

Cloud computing is a technology which allows users to access storage, software, and infrastructure and deployment environment based on a model named “pay-for-what-they-use”. The nature of the cloud environment is that it is multi-tenant and dynamic as there is a need for addressing the various legal, technical and organizational challenges regarding the cloud storage.

With the dynamic nature of the cloud environment, it is possible for digital investigations to be carried out in the cloud environment. Digital forensics has to adhere to a number of steps as it was the case with traditional computer forensics. These steps include Identification, Collection, Examination and Reporting/ Presentation. The first step involves identifying the source of evidence, while the collection phase involves identifying the actual evidence and collecting the necessary data. The examination stage involves analyzing the forensic data, while in the reporting phase, the found evidence is presented in a court of law.

The digital investigators experience challenges as a result of the legal, technical and organizational requirements. If some compromise is made on the part of the CSP, then the evidence which is provided will not be genuine. It might have happened the data you are relying on as evidence was injected by a malicious individual.

A number of digital devices are currently using the cloud, but the investigators are given little chance to obtain the evidence. The available Agreement may not be stating the role of the CSP in carrying out the investigation and its responsibility during the time of happening of the crime. The CSP might have failed to keep logs which are an important part in getting evidence regarding the occurrence of a crime. The investigator also has to rely on the CSP for collection of the necessary log files, and this is not easy. Many researchers have clearly stated that many investigators experience difficulties in trying to collect the log files.

The cloud service provider will provide their clients with a number of different services, and it has been found that only a few customers from the same organization will be accessing the same services. Malicious users are capable of stealing sensitive data from the other users and this can negatively affect the trust of the CSP. There is a need for the cloud to protect against these malicious activities by use of Intrusion Detection Mechanisms for monitoring the customer VMs and in detecting malicious activity.

A user can create his or her physical machine to create a VM. Other than for the user having to request, some cloud software such as the OpenStack and eucalyptus will create snapshots from a VM which is running and then store the snapshots till when the VM has terminated. If you reach the maximum VMs, then the older VMs will be deleted from the system. The snapshots from a cloud environment are a great source of digital evidence and they can be used for the purpose of regenerating events. It is hard for us to store numerous snapshots. The snapshots have also been found to slow the virtual machine, and this is determined by the rate at which it has changed since when it was taken and the period of time for which it is stored.

Malicious activities will always be identified in case the users of the VM carry out actions such as uploading a malware to the systems in our cloud infrastructure, excessive access from a location, or by performing numerous downloads or uploads within a short period of time. Other activities which can be suspicious include cracking of passwords, launching of dynamic attack points and deleting or corrupting some sensitive organization data.